New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.

Already on GitHub? Sign in to your account

mbedtls: ramdom can use havege if enabled. #1227

Closed
wants to merge 1 commit into
base: master
from

Conversation

Projects
None yet
3 participants
@p1ng0o
Contributor

p1ng0o commented Jan 25, 2017

I didn't succeed to write a "proper" CTR-DRBG random generator. So let's begin with havege 馃憤

Anyway, should I save mbedtls_havege_state somewhere ?

@mention-bot

This comment has been minimized.

Show comment
Hide comment
@mention-bot

mention-bot Jan 25, 2017

@p1ng0o, thanks for your PR! By analyzing the history of the files in this pull request, we identified @sasq64, @bagder and @jay to be potential reviewers.

mention-bot commented Jan 25, 2017

@p1ng0o, thanks for your PR! By analyzing the history of the files in this pull request, we identified @sasq64, @bagder and @jay to be potential reviewers.

@bagder bagder added the SSL/TLS label Jan 26, 2017

mbedtls_strerror(ret, errorbuf, sizeof(errorbuf));
#endif /* MBEDTLS_ERROR_C */
failf(data, "Failed - mbedTLS: ctr_drbg_seed returned (-0x%04X) %s\n",
-ret, errorbuf);

This comment has been minimized.

@bagder

bagder Jan 26, 2017

Member

shouldn't it also return an error here?

@bagder

bagder Jan 26, 2017

Member

shouldn't it also return an error here?

@bagder

This comment has been minimized.

Show comment
Hide comment
@bagder

bagder Jan 26, 2017

Member

should I save mbedtls_havege_state somewhere

You tell me! Should it be saved? When the 'data' pointer is provided, it could be stored in that struct.

Member

bagder commented Jan 26, 2017

should I save mbedtls_havege_state somewhere

You tell me! Should it be saved? When the 'data' pointer is provided, it could be stored in that struct.

Show outdated Hide outdated lib/vtls/mbedtls.c
@p1ng0o

This comment has been minimized.

Show comment
Hide comment
@p1ng0o

p1ng0o Jan 27, 2017

Contributor

The question was, do I privilege cpu time (struct on data), or mem (struct on cstack).
But regarding other vtls implementation of random, and for consistency, It should be better on cstack.

Contributor

p1ng0o commented Jan 27, 2017

The question was, do I privilege cpu time (struct on data), or mem (struct on cstack).
But regarding other vtls implementation of random, and for consistency, It should be better on cstack.

@bagder

This comment has been minimized.

Show comment
Hide comment
@bagder

bagder Jan 27, 2017

Member

Yeah, this function is not used a lot nor in any high performance situation so I think that's totally fine.

Member

bagder commented Jan 27, 2017

Yeah, this function is not used a lot nor in any high performance situation so I think that's totally fine.

@bagder bagder closed this in a90a5bc Jan 29, 2017

@bagder

This comment has been minimized.

Show comment
Hide comment
@bagder

bagder Jan 29, 2017

Member

Thanks!

Member

bagder commented Jan 29, 2017

Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment